Skip to main content
Anand_Narayana
Anand_Narayana
Explorer
September 21, 2023
Solved

External Connector Threat Feeds Logs

  • September 21, 2023
  • 1 reply
  • 2221 views

Recently I have upgraded FG-81F from v.7.4.0 to v.7.4.1. After upgrading the Automation logs that I have configured to send email alerts displays the UUID instead of the Threet Feed names. Is that a known bug or workaround available to resolve. Pasted below as quick reference for better understanding.

The differences can be noticed in "msg" that on v.7.4.0, it displays the names as FINANCE_URL but UUID in v.7.4.1.

 

On v.7.4.1

date=2023-09-20 time=12:36:20 devid="FGT81FTxxxxxxxxx" devname="FGT-PRIMARY" eventtime=1695193580831034046 tz="+0530" logid="0100022220" type="event" subtype="system" level="information" vd="root" logdesc="Threat feed updated" status="success" msg="Threat feed 'ext-273ce776-2493-51ee-de2f-eff2ada4c0b4' updated successfully" desc="threat-feed"

 

On v.7.4.0

The log displays as follows

date=2023-09-20 time=11:30:22 devid="FG101FTxxxxxxxxx" devname="FGT-PRIMARY" eventtime=1695276021981973499 tz="+0530" logid="0100022220" type="event" subtype="system" level="information" vd="root" logdesc="Threat feed updated" status="success" msg="Threat feed 'ext-root.FINANCE_URL' updated successfully" desc="threat-feed"

Best answer by Anand_Narayana

This is a known bug in v7.4.1 and resolved in v7.4.2. Bug ID 952509.

1 reply

Anand_Narayana
Anand_NarayanaAuthor
Explorer
September 21, 2023

UTM services are in place. The Internet access in our organization is based on the whitelisting URLs by blocking all the categories. The external threatfeed is configured to allow ONLY the whitelisted URLs. This is synced to multiple locations instead of manually logging in to all the Fortinet devices and add the URLs manually. This is not an issue as I have being using this for several years now. The only issue that I currently see is the automation emails alerts sent with the UUID instead of the Threatfeeds name  from v.7.4.1 and not earlier. So wanted to know if this is a known bug or a workaround available to resolve.

Anand_Narayana
Anand_NarayanaAuthorAnswer
Explorer
February 20, 2024

This is a known bug in v7.4.1 and resolved in v7.4.2. Bug ID 952509.

    Terms & ConditionsCookie settingsAccessibility statement